Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for fileutils by gnu

    CVE-2003-0853 (GCVE-0-2003-0853)

    Vulnerability from nvd – Published: 2003-10-25 04:00 – Updated: 2024-08-08 02:05
    VLAI
    Summary
    An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.redhat.com/support/errata/RHSA-2003-309.html vendor-advisoryx_refsource_REDHAT
    http://www.turbolinux.com/security/TLSA-2003-60.txt vendor-advisoryx_refsource_TURBO
    http://www.redhat.com/support/errata/RHSA-2003-310.html vendor-advisoryx_refsource_REDHAT
    http://www.securityfocus.com/bid/8875 vdb-entryx_refsource_BID
    http://www.securityfocus.com/advisories/6014 vendor-advisoryx_refsource_IMMUNIX
    http://secunia.com/advisories/17069 third-party-advisoryx_refsource_SECUNIA
    http://www.guninski.com/binls.html x_refsource_MISC
    http://secunia.com/advisories/10126 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    Date Public
    2003-10-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:05:12.707Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "CLA-2003:771",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
              },
              {
                "name": "CLA-2003:768",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
              },
              {
                "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
              },
              {
                "name": "RHSA-2003:309",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
              },
              {
                "name": "TLSA-2003-60",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_TURBO",
                  "x_transferred"
                ],
                "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
              },
              {
                "name": "RHSA-2003:310",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
              },
              {
                "name": "8875",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/8875"
              },
              {
                "name": "IMNX-2003-7+-026-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_IMMUNIX",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/advisories/6014"
              },
              {
                "name": "17069",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17069"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.guninski.com/binls.html"
              },
              {
                "name": "10126",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10126"
              },
              {
                "name": "MDKSA-2003:106",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-10-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-10-28T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "CLA-2003:771",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
            },
            {
              "name": "CLA-2003:768",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
            },
            {
              "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
            },
            {
              "name": "RHSA-2003:309",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
            },
            {
              "name": "TLSA-2003-60",
              "tags": [
                "vendor-advisory",
                "x_refsource_TURBO"
              ],
              "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
            },
            {
              "name": "RHSA-2003:310",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
            },
            {
              "name": "8875",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/8875"
            },
            {
              "name": "IMNX-2003-7+-026-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_IMMUNIX"
              ],
              "url": "http://www.securityfocus.com/advisories/6014"
            },
            {
              "name": "17069",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17069"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.guninski.com/binls.html"
            },
            {
              "name": "10126",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10126"
            },
            {
              "name": "MDKSA-2003:106",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0853",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "CLA-2003:771",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
                },
                {
                  "name": "CLA-2003:768",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
                },
                {
                  "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
                },
                {
                  "name": "RHSA-2003:309",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
                },
                {
                  "name": "TLSA-2003-60",
                  "refsource": "TURBO",
                  "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
                },
                {
                  "name": "RHSA-2003:310",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
                },
                {
                  "name": "8875",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/8875"
                },
                {
                  "name": "IMNX-2003-7+-026-01",
                  "refsource": "IMMUNIX",
                  "url": "http://www.securityfocus.com/advisories/6014"
                },
                {
                  "name": "17069",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17069"
                },
                {
                  "name": "http://www.guninski.com/binls.html",
                  "refsource": "MISC",
                  "url": "http://www.guninski.com/binls.html"
                },
                {
                  "name": "10126",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10126"
                },
                {
                  "name": "MDKSA-2003:106",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0853",
        "datePublished": "2003-10-25T04:00:00.000Z",
        "dateReserved": "2003-10-10T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:05:12.707Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0854 (GCVE-0-2003-0854)

    Vulnerability from nvd – Published: 2003-10-25 04:00 – Updated: 2024-08-08 02:05
    VLAI
    Summary
    ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.debian.org/security/2005/dsa-705 vendor-advisoryx_refsource_DEBIAN
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/115 exploitx_refsource_EXPLOIT-DB
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.redhat.com/support/errata/RHSA-2003-309.html vendor-advisoryx_refsource_REDHAT
    http://www.turbolinux.com/security/TLSA-2003-60.txt vendor-advisoryx_refsource_TURBO
    http://www.redhat.com/support/errata/RHSA-2003-310.html vendor-advisoryx_refsource_REDHAT
    http://www.securityfocus.com/advisories/6014 vendor-advisoryx_refsource_IMMUNIX
    http://secunia.com/advisories/17069 third-party-advisoryx_refsource_SECUNIA
    http://www.guninski.com/binls.html x_refsource_MISC
    http://secunia.com/advisories/10126 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    Date Public
    2003-10-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:05:12.585Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-705",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-705"
              },
              {
                "name": "CLA-2003:771",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
              },
              {
                "name": "115",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/115"
              },
              {
                "name": "CLA-2003:768",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
              },
              {
                "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
              },
              {
                "name": "RHSA-2003:309",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
              },
              {
                "name": "TLSA-2003-60",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_TURBO",
                  "x_transferred"
                ],
                "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
              },
              {
                "name": "RHSA-2003:310",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
              },
              {
                "name": "IMNX-2003-7+-026-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_IMMUNIX",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/advisories/6014"
              },
              {
                "name": "17069",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17069"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.guninski.com/binls.html"
              },
              {
                "name": "10126",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10126"
              },
              {
                "name": "MDKSA-2003:106",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-10-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-705",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-705"
            },
            {
              "name": "CLA-2003:771",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
            },
            {
              "name": "115",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/115"
            },
            {
              "name": "CLA-2003:768",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
            },
            {
              "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
            },
            {
              "name": "RHSA-2003:309",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
            },
            {
              "name": "TLSA-2003-60",
              "tags": [
                "vendor-advisory",
                "x_refsource_TURBO"
              ],
              "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
            },
            {
              "name": "RHSA-2003:310",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
            },
            {
              "name": "IMNX-2003-7+-026-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_IMMUNIX"
              ],
              "url": "http://www.securityfocus.com/advisories/6014"
            },
            {
              "name": "17069",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17069"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.guninski.com/binls.html"
            },
            {
              "name": "10126",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10126"
            },
            {
              "name": "MDKSA-2003:106",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0854",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-705",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2005/dsa-705"
                },
                {
                  "name": "CLA-2003:771",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
                },
                {
                  "name": "115",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/115"
                },
                {
                  "name": "CLA-2003:768",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
                },
                {
                  "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
                },
                {
                  "name": "RHSA-2003:309",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
                },
                {
                  "name": "TLSA-2003-60",
                  "refsource": "TURBO",
                  "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
                },
                {
                  "name": "RHSA-2003:310",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
                },
                {
                  "name": "IMNX-2003-7+-026-01",
                  "refsource": "IMMUNIX",
                  "url": "http://www.securityfocus.com/advisories/6014"
                },
                {
                  "name": "17069",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17069"
                },
                {
                  "name": "http://www.guninski.com/binls.html",
                  "refsource": "MISC",
                  "url": "http://www.guninski.com/binls.html"
                },
                {
                  "name": "10126",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10126"
                },
                {
                  "name": "MDKSA-2003:106",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0854",
        "datePublished": "2003-10-25T04:00:00.000Z",
        "dateReserved": "2003-10-10T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:05:12.585Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0435 (GCVE-0-2002-0435)

    Vulnerability from nvd – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:49
    VLAI
    Summary
    Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a ".." directory that is higher than expected, possibly up to the root file system.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-03-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:49:28.518Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2003:016",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-016.html"
              },
              {
                "name": "MDKSA-2002:031",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
              },
              {
                "name": "RHSA-2003:015",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-015.html"
              },
              {
                "name": "4266",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/4266"
              },
              {
                "name": "CSSA-2002-018.1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CALDERA",
                  "x_transferred"
                ],
                "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt"
              },
              {
                "name": "20020310 GNU fileutils - recursive directory removal race condition",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/260936"
              },
              {
                "name": "gnu-fileutils-race-condition(8432)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/8432.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-03-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-03-21T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2003:016",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-016.html"
            },
            {
              "name": "MDKSA-2002:031",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
            },
            {
              "name": "RHSA-2003:015",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-015.html"
            },
            {
              "name": "4266",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/4266"
            },
            {
              "name": "CSSA-2002-018.1",
              "tags": [
                "vendor-advisory",
                "x_refsource_CALDERA"
              ],
              "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt"
            },
            {
              "name": "20020310 GNU fileutils - recursive directory removal race condition",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/260936"
            },
            {
              "name": "gnu-fileutils-race-condition(8432)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/8432.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0435",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2003:016",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-016.html"
                },
                {
                  "name": "MDKSA-2002:031",
                  "refsource": "MANDRAKE",
                  "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php"
                },
                {
                  "name": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html",
                  "refsource": "CONFIRM",
                  "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
                },
                {
                  "name": "RHSA-2003:015",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-015.html"
                },
                {
                  "name": "4266",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/4266"
                },
                {
                  "name": "CSSA-2002-018.1",
                  "refsource": "CALDERA",
                  "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt"
                },
                {
                  "name": "20020310 GNU fileutils - recursive directory removal race condition",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/260936"
                },
                {
                  "name": "gnu-fileutils-race-condition(8432)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/8432.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0435",
        "datePublished": "2003-04-02T05:00:00.000Z",
        "dateReserved": "2002-06-07T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:49:28.518Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0853 (GCVE-0-2003-0853)

    Vulnerability from cvelistv5 – Published: 2003-10-25 04:00 – Updated: 2024-08-08 02:05
    VLAI
    Summary
    An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.redhat.com/support/errata/RHSA-2003-309.html vendor-advisoryx_refsource_REDHAT
    http://www.turbolinux.com/security/TLSA-2003-60.txt vendor-advisoryx_refsource_TURBO
    http://www.redhat.com/support/errata/RHSA-2003-310.html vendor-advisoryx_refsource_REDHAT
    http://www.securityfocus.com/bid/8875 vdb-entryx_refsource_BID
    http://www.securityfocus.com/advisories/6014 vendor-advisoryx_refsource_IMMUNIX
    http://secunia.com/advisories/17069 third-party-advisoryx_refsource_SECUNIA
    http://www.guninski.com/binls.html x_refsource_MISC
    http://secunia.com/advisories/10126 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    Date Public
    2003-10-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:05:12.707Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "CLA-2003:771",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
              },
              {
                "name": "CLA-2003:768",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
              },
              {
                "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
              },
              {
                "name": "RHSA-2003:309",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
              },
              {
                "name": "TLSA-2003-60",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_TURBO",
                  "x_transferred"
                ],
                "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
              },
              {
                "name": "RHSA-2003:310",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
              },
              {
                "name": "8875",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/8875"
              },
              {
                "name": "IMNX-2003-7+-026-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_IMMUNIX",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/advisories/6014"
              },
              {
                "name": "17069",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17069"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.guninski.com/binls.html"
              },
              {
                "name": "10126",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10126"
              },
              {
                "name": "MDKSA-2003:106",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-10-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-10-28T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "CLA-2003:771",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
            },
            {
              "name": "CLA-2003:768",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
            },
            {
              "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
            },
            {
              "name": "RHSA-2003:309",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
            },
            {
              "name": "TLSA-2003-60",
              "tags": [
                "vendor-advisory",
                "x_refsource_TURBO"
              ],
              "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
            },
            {
              "name": "RHSA-2003:310",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
            },
            {
              "name": "8875",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/8875"
            },
            {
              "name": "IMNX-2003-7+-026-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_IMMUNIX"
              ],
              "url": "http://www.securityfocus.com/advisories/6014"
            },
            {
              "name": "17069",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17069"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.guninski.com/binls.html"
            },
            {
              "name": "10126",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10126"
            },
            {
              "name": "MDKSA-2003:106",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0853",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "CLA-2003:771",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
                },
                {
                  "name": "CLA-2003:768",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
                },
                {
                  "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
                },
                {
                  "name": "RHSA-2003:309",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
                },
                {
                  "name": "TLSA-2003-60",
                  "refsource": "TURBO",
                  "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
                },
                {
                  "name": "RHSA-2003:310",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
                },
                {
                  "name": "8875",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/8875"
                },
                {
                  "name": "IMNX-2003-7+-026-01",
                  "refsource": "IMMUNIX",
                  "url": "http://www.securityfocus.com/advisories/6014"
                },
                {
                  "name": "17069",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17069"
                },
                {
                  "name": "http://www.guninski.com/binls.html",
                  "refsource": "MISC",
                  "url": "http://www.guninski.com/binls.html"
                },
                {
                  "name": "10126",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10126"
                },
                {
                  "name": "MDKSA-2003:106",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0853",
        "datePublished": "2003-10-25T04:00:00.000Z",
        "dateReserved": "2003-10-10T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:05:12.707Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2003-0854 (GCVE-0-2003-0854)

    Vulnerability from cvelistv5 – Published: 2003-10-25 04:00 – Updated: 2024-08-08 02:05
    VLAI
    Summary
    ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.debian.org/security/2005/dsa-705 vendor-advisoryx_refsource_DEBIAN
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://support.avaya.com/elmodocs2/security/ASA-2… x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/115 exploitx_refsource_EXPLOIT-DB
    http://distro.conectiva.com.br/atualizacoes/?id=a… vendor-advisoryx_refsource_CONECTIVA
    http://lists.grok.org.uk/pipermail/full-disclosur… mailing-listx_refsource_FULLDISC
    http://www.redhat.com/support/errata/RHSA-2003-309.html vendor-advisoryx_refsource_REDHAT
    http://www.turbolinux.com/security/TLSA-2003-60.txt vendor-advisoryx_refsource_TURBO
    http://www.redhat.com/support/errata/RHSA-2003-310.html vendor-advisoryx_refsource_REDHAT
    http://www.securityfocus.com/advisories/6014 vendor-advisoryx_refsource_IMMUNIX
    http://secunia.com/advisories/17069 third-party-advisoryx_refsource_SECUNIA
    http://www.guninski.com/binls.html x_refsource_MISC
    http://secunia.com/advisories/10126 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRAKE
    Date Public
    2003-10-22 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:05:12.585Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "DSA-705",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2005/dsa-705"
              },
              {
                "name": "CLA-2003:771",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
              },
              {
                "name": "115",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/115"
              },
              {
                "name": "CLA-2003:768",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CONECTIVA",
                  "x_transferred"
                ],
                "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
              },
              {
                "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
              },
              {
                "name": "RHSA-2003:309",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
              },
              {
                "name": "TLSA-2003-60",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_TURBO",
                  "x_transferred"
                ],
                "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
              },
              {
                "name": "RHSA-2003:310",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
              },
              {
                "name": "IMNX-2003-7+-026-01",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_IMMUNIX",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/advisories/6014"
              },
              {
                "name": "17069",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/17069"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.guninski.com/binls.html"
              },
              {
                "name": "10126",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/10126"
              },
              {
                "name": "MDKSA-2003:106",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2003-10-22T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-10-10T00:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "DSA-705",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2005/dsa-705"
            },
            {
              "name": "CLA-2003:771",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
            },
            {
              "name": "115",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/115"
            },
            {
              "name": "CLA-2003:768",
              "tags": [
                "vendor-advisory",
                "x_refsource_CONECTIVA"
              ],
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
            },
            {
              "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
            },
            {
              "name": "RHSA-2003:309",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
            },
            {
              "name": "TLSA-2003-60",
              "tags": [
                "vendor-advisory",
                "x_refsource_TURBO"
              ],
              "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
            },
            {
              "name": "RHSA-2003:310",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
            },
            {
              "name": "IMNX-2003-7+-026-01",
              "tags": [
                "vendor-advisory",
                "x_refsource_IMMUNIX"
              ],
              "url": "http://www.securityfocus.com/advisories/6014"
            },
            {
              "name": "17069",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/17069"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.guninski.com/binls.html"
            },
            {
              "name": "10126",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/10126"
            },
            {
              "name": "MDKSA-2003:106",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2003-0854",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "DSA-705",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2005/dsa-705"
                },
                {
                  "name": "CLA-2003:771",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000771"
                },
                {
                  "name": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf"
                },
                {
                  "name": "115",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/115"
                },
                {
                  "name": "CLA-2003:768",
                  "refsource": "CONECTIVA",
                  "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000768"
                },
                {
                  "name": "20031022 Fun with /bin/ls, yet still ls better than windows",
                  "refsource": "FULLDISC",
                  "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-October/012548.html"
                },
                {
                  "name": "RHSA-2003:309",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-309.html"
                },
                {
                  "name": "TLSA-2003-60",
                  "refsource": "TURBO",
                  "url": "http://www.turbolinux.com/security/TLSA-2003-60.txt"
                },
                {
                  "name": "RHSA-2003:310",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-310.html"
                },
                {
                  "name": "IMNX-2003-7+-026-01",
                  "refsource": "IMMUNIX",
                  "url": "http://www.securityfocus.com/advisories/6014"
                },
                {
                  "name": "17069",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/17069"
                },
                {
                  "name": "http://www.guninski.com/binls.html",
                  "refsource": "MISC",
                  "url": "http://www.guninski.com/binls.html"
                },
                {
                  "name": "10126",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/10126"
                },
                {
                  "name": "MDKSA-2003:106",
                  "refsource": "MANDRAKE",
                  "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2003:106"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2003-0854",
        "datePublished": "2003-10-25T04:00:00.000Z",
        "dateReserved": "2003-10-10T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:05:12.585Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-0435 (GCVE-0-2002-0435)

    Vulnerability from cvelistv5 – Published: 2003-04-02 05:00 – Updated: 2024-08-08 02:49
    VLAI
    Summary
    Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a ".." directory that is higher than expected, possibly up to the root file system.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-03-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T02:49:28.518Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2003:016",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-016.html"
              },
              {
                "name": "MDKSA-2002:031",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRAKE",
                  "x_transferred"
                ],
                "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
              },
              {
                "name": "RHSA-2003:015",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2003-015.html"
              },
              {
                "name": "4266",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/4266"
              },
              {
                "name": "CSSA-2002-018.1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_CALDERA",
                  "x_transferred"
                ],
                "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt"
              },
              {
                "name": "20020310 GNU fileutils - recursive directory removal race condition",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/260936"
              },
              {
                "name": "gnu-fileutils-race-condition(8432)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/8432.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-03-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-03-21T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "RHSA-2003:016",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-016.html"
            },
            {
              "name": "MDKSA-2002:031",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRAKE"
              ],
              "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
            },
            {
              "name": "RHSA-2003:015",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2003-015.html"
            },
            {
              "name": "4266",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/4266"
            },
            {
              "name": "CSSA-2002-018.1",
              "tags": [
                "vendor-advisory",
                "x_refsource_CALDERA"
              ],
              "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt"
            },
            {
              "name": "20020310 GNU fileutils - recursive directory removal race condition",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/260936"
            },
            {
              "name": "gnu-fileutils-race-condition(8432)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/8432.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-0435",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a \"..\" directory that is higher than expected, possibly up to the root file system."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2003:016",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-016.html"
                },
                {
                  "name": "MDKSA-2002:031",
                  "refsource": "MANDRAKE",
                  "url": "http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-031.php"
                },
                {
                  "name": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html",
                  "refsource": "CONFIRM",
                  "url": "http://mail.gnu.org/archive/html/bug-fileutils/2002-03/msg00028.html"
                },
                {
                  "name": "RHSA-2003:015",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2003-015.html"
                },
                {
                  "name": "4266",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/4266"
                },
                {
                  "name": "CSSA-2002-018.1",
                  "refsource": "CALDERA",
                  "url": "ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-018.1.txt"
                },
                {
                  "name": "20020310 GNU fileutils - recursive directory removal race condition",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/260936"
                },
                {
                  "name": "gnu-fileutils-race-condition(8432)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/8432.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-0435",
        "datePublished": "2003-04-02T05:00:00.000Z",
        "dateReserved": "2002-06-07T00:00:00.000Z",
        "dateUpdated": "2024-08-08T02:49:28.518Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }